summaryrefslogtreecommitdiffstats
path: root/makefu
diff options
context:
space:
mode:
Diffstat (limited to 'makefu')
-rw-r--r--makefu/1systems/filepimp.nix5
-rw-r--r--makefu/1systems/gum.nix1
-rw-r--r--makefu/1systems/omo.nix1
-rw-r--r--makefu/1systems/wbob.nix4
-rw-r--r--makefu/1systems/wry.nix4
-rw-r--r--makefu/1systems/x.nix3
-rw-r--r--makefu/2configs/base-gui.nix1
-rw-r--r--makefu/2configs/filepimp-share.nix33
-rw-r--r--makefu/2configs/hw/tp-x220.nix2
-rw-r--r--makefu/2configs/iodined.nix3
-rw-r--r--makefu/2configs/nginx/icecult.nix28
-rw-r--r--makefu/2configs/rad1o.nix2
-rw-r--r--makefu/2configs/solr.nix24
-rw-r--r--makefu/2configs/urlwatch.nix2
14 files changed, 105 insertions, 8 deletions
diff --git a/makefu/1systems/filepimp.nix b/makefu/1systems/filepimp.nix
index 4037f693d..0fabf6d93 100644
--- a/makefu/1systems/filepimp.nix
+++ b/makefu/1systems/filepimp.nix
@@ -24,7 +24,9 @@ in {
../2configs/fs/single-partition-ext4.nix
../2configs/smart-monitor.nix
../2configs/tinc/retiolum.nix
+ ../2configs/filepimp-share.nix
];
+
krebs.build.host = config.krebs.hosts.filepimp;
# AMD N54L
boot = {
@@ -76,6 +78,9 @@ in {
(xfsmount "j2" (part1 jDisk2)) //
(xfsmount "par0" (part1 jDisk3))
;
+
+ networking.firewall.trustedInterfaces = [ primary-interface ];
+
services.wakeonlan.interfaces = [
{
interface = primary-interface;
diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix
index 401ec6093..20731c847 100644
--- a/makefu/1systems/gum.nix
+++ b/makefu/1systems/gum.nix
@@ -22,6 +22,7 @@ in {
../2configs/tinc/retiolum.nix
../2configs/urlwatch.nix
../2configs/torrent.nix
+ ../2configs/graphite-standalone.nix
../2configs/sabnzbd.nix
../2configs/opentracker.nix
diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix
index 71fb85ff6..2e09e345e 100644
--- a/makefu/1systems/omo.nix
+++ b/makefu/1systems/omo.nix
@@ -44,6 +44,7 @@ in {
../2configs/fs/sda-crypto-root.nix
../2configs/zsh-user.nix
../2configs/urlwatch.nix
+ ../2configs/backup.nix
../2configs/exim-retiolum.nix
../2configs/smart-monitor.nix
../2configs/mail-client.nix
diff --git a/makefu/1systems/wbob.nix b/makefu/1systems/wbob.nix
index ff176edd9..184f74147 100644
--- a/makefu/1systems/wbob.nix
+++ b/makefu/1systems/wbob.nix
@@ -55,6 +55,10 @@ in {
# rt2870 with nonfree creates wlp2s0 from wlp0s20u2
# not explicitly setting the interface results in wpa_supplicant to crash
networking.wireless.interfaces = [ "wlp2s0" ];
+ networking.interfaces.virbr1.ip4 = [{
+ address = "10.8.8.11";
+ prefixLength = 24;
+ }];
# nuc hardware
diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix
index 81cd362e6..238b740a6 100644
--- a/makefu/1systems/wry.nix
+++ b/makefu/1systems/wry.nix
@@ -16,13 +16,15 @@ in {
../2configs/bepasty-dual.nix
../2configs/iodined.nix
-
+ ../2configs/backup.nix
# other nginx
../2configs/nginx/euer.wiki.nix
../2configs/nginx/euer.blog.nix
../2configs/nginx/euer.test.nix
+ #../2configs/elchos/stats.nix
+
# collectd
# ../2configs/collectd/collectd-base.nix
diff --git a/makefu/1systems/x.nix b/makefu/1systems/x.nix
index 0243856ab..00eca87c4 100644
--- a/makefu/1systems/x.nix
+++ b/makefu/1systems/x.nix
@@ -63,11 +63,10 @@
# configure pulseAudio to provide a HDMI sink as well
networking.firewall.enable = true;
- networking.firewall.allowedTCPPorts = [ 80 24800 26061 8000 ];
+ networking.firewall.allowedTCPPorts = [ 80 24800 26061 8000 3000 ];
networking.firewall.allowedUDPPorts = [ 665 26061 ];
krebs.build.host = config.krebs.hosts.x;
- krebs.hosts.omo.nets.retiolum.via.ip4.addr = "192.168.1.11";
krebs.tinc.retiolum.connectTo = [ "omo" "gum" "prism" ];
diff --git a/makefu/2configs/base-gui.nix b/makefu/2configs/base-gui.nix
index b039c12ca..cbc3efbac 100644
--- a/makefu/2configs/base-gui.nix
+++ b/makefu/2configs/base-gui.nix
@@ -82,7 +82,6 @@ in
URxvt.perl-ext: default,url-select
URxvt.keysym.M-u: perl:url-select:select_next
- #URxvt.url-select.launcher: firefox -new-tab
URxvt.url-select.launcher: chromium
URxvt.url-select.underline: true
URxvt.searchable-scrollback: CM-s
diff --git a/makefu/2configs/filepimp-share.nix b/makefu/2configs/filepimp-share.nix
new file mode 100644
index 000000000..23fa8da08
--- /dev/null
+++ b/makefu/2configs/filepimp-share.nix
@@ -0,0 +1,33 @@
+{ config, lib, pkgs, ... }:
+
+with config.krebs.lib;
+let
+ hostname = config.krebs.build.host.name;
+in {
+ users.users.smbguest = {
+ name = "smbguest";
+ uid = config.ids.uids.smbguest;
+ description = "smb guest user";
+ home = "/var/empty";
+ };
+ services.samba = {
+ enable = true;
+ shares = {
+ media = {
+ path = "/media/";
+ "read only" = "no";
+ browseable = "yes";
+ "guest ok" = "yes";
+ };
+ };
+ extraConfig = ''
+ guest account = smbguest
+ map to guest = bad user
+ # disable printing
+ load printers = no
+ printing = bsd
+ printcap name = /dev/null
+ disable spoolss = yes
+ '';
+ };
+}
diff --git a/makefu/2configs/hw/tp-x220.nix b/makefu/2configs/hw/tp-x220.nix
index 58390e48d..2ec531e56 100644
--- a/makefu/2configs/hw/tp-x220.nix
+++ b/makefu/2configs/hw/tp-x220.nix
@@ -5,7 +5,7 @@ with config.krebs.lib;
imports = [ ./tp-x2x0.nix ];
boot = {
- kernelModules = [ "kvm-intel" "acpi_call" "tpm-rng" ];
+ kernelModules = [ "kvm-intel" "acpi_call" "tpm-rng" "tp_smapi" ];
extraModulePackages = [ config.boot.kernelPackages.tp_smapi ];
};
hardware.opengl.extraPackages = [ pkgs.vaapiIntel pkgs.vaapiVdpau ];
diff --git a/makefu/2configs/iodined.nix b/makefu/2configs/iodined.nix
index ca489d073..b1446eab4 100644
--- a/makefu/2configs/iodined.nix
+++ b/makefu/2configs/iodined.nix
@@ -5,8 +5,9 @@ let
domain = "io.krebsco.de";
pw = import <secrets/iodinepw.nix>;
in {
+ networking.firewall.allowedUDPPorts = [ 53 ];
- services.iodined = {
+ services.iodine = {
server = {
enable = true;
domain = domain;
diff --git a/makefu/2configs/nginx/icecult.nix b/makefu/2configs/nginx/icecult.nix
new file mode 100644
index 000000000..a11f92af7
--- /dev/null
+++ b/makefu/2configs/nginx/icecult.nix
@@ -0,0 +1,28 @@
+{ config, pkgs, lib, ... }:
+
+with config.krebs.lib;
+
+let
+ icecult = pkgs.fetchFromGitHub {
+ owner = "kraiz";
+ repo = "icecult";
+ rev = "1942d43381a97f30111a48725f7532c343a6f4d7";
+ sha256 = "0l8q7kw3w1kpvmy8hza9vr5liiycivbljkmwpacaifbay5y98z58";
+ };
+in{
+ krebs.nginx = {
+ enable = true;
+ servers.default = {
+ extraConfig = ''
+ root ${icecult}/app;
+ '';
+ locations = [
+ (nameValuePair "/rpc" ''
+ rewrite /rpc/(.*) /$1 break;
+ proxy_http_version 1.1;
+ proxy_pass http://10.42.22.163:3121;
+ '')
+ ];
+ };
+ };
+}
diff --git a/makefu/2configs/rad1o.nix b/makefu/2configs/rad1o.nix
index 03bb9bc7e..6eca69e0c 100644
--- a/makefu/2configs/rad1o.nix
+++ b/makefu/2configs/rad1o.nix
@@ -3,7 +3,7 @@
{
environment.systemPackages = with pkgs; [
- gnuradio-full
+ gnuradio-with-packages
gnuradio-osmosdr
gqrx
];
diff --git a/makefu/2configs/solr.nix b/makefu/2configs/solr.nix
new file mode 100644
index 000000000..cad9eabc1
--- /dev/null
+++ b/makefu/2configs/solr.nix
@@ -0,0 +1,24 @@
+{ config, lib, pkgs, ... }:
+
+# graphite-web on port 8080
+# carbon cache on port 2003 (tcp/udp)
+with config.krebs.lib;
+let
+ solrHome = "/var/db/solr";
+in {
+ imports = [ ];
+ users.users.solr = {
+ home = solrHome;
+ uid = genid "solr";
+ createHome = true;
+ group = "solr";
+ };
+ users.groups.solr.gid = genid "solr";
+
+ services.solr = {
+ enable = true;
+ inherit solrHome;
+ user = "solr";
+ group = "solr";
+ };
+}
diff --git a/makefu/2configs/urlwatch.nix b/makefu/2configs/urlwatch.nix
index 189167f71..0d8f888fa 100644
--- a/makefu/2configs/urlwatch.nix
+++ b/makefu/2configs/urlwatch.nix
@@ -15,7 +15,7 @@
http://guest:derpi@cvs2svn.tigris.org/svn/cvs2svn/tags/
http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/
https://github.com/amadvance/snapraid/releases.atom
- https://erdgeist.org/gitweb/opentracker/log/
+ https://erdgeist.org/gitweb/opentracker/commit/
];
};
}